Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Which will be the best way to set permission to an external user to limit their work?

Alejandra González December 28, 2022


I need to give restricted access to a jira user that is an external consultant of our company (he will have a user in jira).
This user will only need access, permissions, and visibility of the tickets assigned to him.
The project is Jira Service Desk and I will create a rule to assign the issue straight to him:
When issue created; if request type = x and Application type(custom flied) = y; then assign to this user.

Which will be the best way to get this done? Which will be the best practices to build this?
Create a group, then a project role, permission scheme, issue security level?

thanks in advance

1 answer

1 accepted

1 vote
Answer accepted
Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 28, 2022

Are you working with a Team Managed project or a Company Managed project?

Permission Schemes and Issue Security Levels apply only to Company Managed projects.

There are several factors you need to consider:

1. When the user is granted product access to Jira Service Management you need to ensure that the User Group they get added to does not grant them access to any other Jira products or projects.

2. Permission Schemes determine the permissions for a user with the issues they are able to access. It can't be used to selectively make issues within a project inaccessible.

3. Are there other external people that might need to be given access in a similar manner in the same or another Service Management project?

I would recommend:

1. Create a User Group for such users that can be used in Product Access to grant them access only to Jira Service Management. This group may also need be added to Global Permissions in Jira depending on what you want to enable them to do.

2. Create a Role for the to be used in the Service Management project for this access if you want the Project Administrator to be able to manage which users get these permissions and issue level security access.

3. Add the user group to the Role, if you create a Role.

4. Create the Issue Level Security Scheme. You will need to have at least two Levels; one that includes the new group/role plus the other groups/roles that should be able to see these issues, and one that includes only the other groups/roles that should be able to see all issues. You are going to need to set a Default security level to ensure the group with limited access does not see all newly created issues.

5. If you want people to be able to set the issue security level you will have to add the field to the issue screens and grant those users permissions to do so in the Permission Scheme.

6. Set the Security Level for all existing issues. If you don't do this up front, then the limited access users will be able to see all the pre-existing issues.

7. Modify (or create a new) Permission Scheme to allocate the appropriate permissions to the group (or to the Role if you choose to make a Role) for seeing issues (that they are permitted to see per the Security Level), and creating/editing/commenting/etc. on the issues.

8. Add the limited access users as agents in your Service Management project.

I strongly recommend that you work this out with a test project or in a test instance rather than operating on your live service desk project. When you do update your live service desk project you should try to do that at a time where there your agents and customers will not be interacting with the issues, as these steps may make issues temporarily inaccessible.

Alejandra González January 3, 2023

Thanks Trudy!!This makes a lot of sense. I will give it a try right away.


Thanks a lot for you time and information!

Suggest an answer

Log in or Sign up to answer
Site Admin
AUG Leaders

Atlassian Community Events